Service Organization Controls: SOC1
Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting.
Prepared in accordance with AT-C section 320, Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting, these are specifically intended to meet the needs of entities that use service organizations (user entities) and the CPAs/CAs that audit the user entities’ financial statements (user auditors), in evaluating the effect of the controls at the service organization on the user entities’ financial statements.
Service Organization Controls: SOC2
Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. These reports can play an important role in:
General Data Protection Regulation (GDPR)
GDPR is a regulation applicable to the European Union (EU) requiring businesses to protect the personal data and privacy of EU citizens for processing of their personal data. While a summary of GDPR is reflected hereunder, details could be reviewed at https://gdpr.eu/tag/gdpr/.
At ProductDossier, we believe that GDPR is relevant to any global organization and not just to those that are based out of the EU.
What are the objectives of GDPR
What are the principles of GDPR?
Personal data shall be:
What has ProductDossier done about GDPR?
ISO/ IEC 27001
ProductDossier is certified according to ISO 27001
ISO/IEC 27001 is one of the most widely recognized independent international security standards. This certificate is awarded to organizations that comply with ISO’s high global standards.
ProductDossier has earned ISO/IEC 27001:2013 certification for Provision of trusted and managed Information Security in the process of ‘Development, Implementation and Support of the Products and Services